Understanding the object access infrastructure
You can assign each user one or more roles that contain permissions. These permissions control what the user can do in Guidewire PolicyCenter. For example, a user in PolicyCenter with the correct role can create a note on a Policy. The limitation of roles is that they do not distinguish among objects of the same type. In the previous example, “note” means all notes and all note types. However, suppose that you want to restrict access to notes that contain sensitive information. In this case, PolicyCenter provides access control features that you use to restrict access to specific types of notes.
By implementing access control, you can subcategorize an object type and then restrict object access by these subcategories. In the base configuration, you can apply access control to the following business objects:
AccountActivityDocumentJob– and all its subtypesNotePolicyPeriodUser
It is possible to apply access control (permissions) to any PolicyCenter business object.